about summary refs log tree commit diff
path: root/nixos
diff options
context:
space:
mode:
authorFranz Pletz <fpletz@fnordicwalking.de>2017-06-17 18:32:00 +0200
committerRobin Gloster <mail@glob.in>2017-08-04 02:13:42 +0200
commit02791ced3472116e07845c8181370b9e6ff755e2 (patch)
treec3825156f91900d3ad5e0ef4a58d2377bfba5345 /nixos
parent1075919413bcaa1a0ed01ea9b9028276ba0cb313 (diff)
downloadnixlib-02791ced3472116e07845c8181370b9e6ff755e2.tar
nixlib-02791ced3472116e07845c8181370b9e6ff755e2.tar.gz
nixlib-02791ced3472116e07845c8181370b9e6ff755e2.tar.bz2
nixlib-02791ced3472116e07845c8181370b9e6ff755e2.tar.lz
nixlib-02791ced3472116e07845c8181370b9e6ff755e2.tar.xz
nixlib-02791ced3472116e07845c8181370b9e6ff755e2.tar.zst
nixlib-02791ced3472116e07845c8181370b9e6ff755e2.zip
atlassian-{jira,confluence}: add crowd sso support
Diffstat (limited to 'nixos')
-rw-r--r--nixos/modules/services/web-apps/atlassian/confluence.nix53


-rw-r--r--nixos/modules/services/web-apps/atlassian/jira.nix51


2 files changed, 102 insertions, 2 deletions
diff --git a/nixos/modules/services/web-apps/atlassian/confluence.nix b/nixos/modules/services/web-apps/atlassian/confluence.nix
index c1d7d4ea06d4..33ba444d0971 100644
--- a/nixos/modules/services/web-apps/atlassian/confluence.nix
+++ b/nixos/modules/services/web-apps/atlassian/confluence.nix
@@ -6,7 +6,22 @@ let
 
   cfg = config.services.confluence;
 
-  pkg = pkgs.atlassian-confluence;
+  pkg = pkgs.atlassian-confluence.override {
+    enableSSO = cfg.sso.enable;
+    crowdProperties = ''
+      application.name                        ${cfg.sso.applicationName}
+      application.password                    ${cfg.sso.applicationPassword}
+      application.login.url                   ${cfg.sso.crowd}/console/
+
+      crowd.server.url                        ${cfg.sso.crowd}/services/
+      crowd.base.url                          ${cfg.sso.crowd}/
+
+      session.isauthenticated                 session.isauthenticated
+      session.tokenkey                        session.tokenkey
+      session.validationinterval              ${toString cfg.sso.validationInterval}
+      session.lastvalidation                  session.lastvalidation
+    '';
+  };
 
 in
 
@@ -76,6 +91,42 @@ in
         };
       };
 
+      sso = {
+        enable = mkEnableOption "SSO with Atlassian Crowd";
+
+        crowd = mkOption {
+          type = types.str;
+          example = "http://localhost:8095/crowd";
+          description = "Crowd Base URL without trailing slash";
+        };
+
+        applicationName = mkOption {
+          type = types.str;
+          example = "jira";
+          description = "Exact name of this Confluence instance in Crowd";
+        };
+
+        applicationPassword = mkOption {
+          type = types.str;
+          description = "Application password of this Confluence instance in Crowd";
+        };
+
+        validationInterval = mkOption {
+          type = types.int;
+          default = 2;
+          example = 0;
+          description = ''
+            Set to 0, if you want authentication checks to occur on each
+            request. Otherwise set to the number of minutes between request
+            to validate if the user is logged in or out of the Crowd SSO
+            server. Setting this value to 1 or higher will increase the
+            performance of Crowd's integration.
+          '';
+        };
+      };
+
+
+
       jrePackage = let
         jreSwitch = unfree: free: if config.nixpkgs.config.allowUnfree or false then unfree else free;
       in mkOption {
diff --git a/nixos/modules/services/web-apps/atlassian/jira.nix b/nixos/modules/services/web-apps/atlassian/jira.nix
index 0ab94d95eee8..19b6a8d30851 100644
--- a/nixos/modules/services/web-apps/atlassian/jira.nix
+++ b/nixos/modules/services/web-apps/atlassian/jira.nix
@@ -6,7 +6,22 @@ let
 
   cfg = config.services.jira;
 
-  pkg = pkgs.atlassian-jira;
+  pkg = pkgs.atlassian-jira.override {
+    enableSSO = cfg.sso.enable;
+    crowdProperties = ''
+      application.name                        ${cfg.sso.applicationName}
+      application.password                    ${cfg.sso.applicationPassword}
+      application.login.url                   ${cfg.sso.crowd}/console/
+
+      crowd.server.url                        ${cfg.sso.crowd}/services/
+      crowd.base.url                          ${cfg.sso.crowd}/
+
+      session.isauthenticated                 session.isauthenticated
+      session.tokenkey                        session.tokenkey
+      session.validationinterval              ${toString cfg.sso.validationInterval}
+      session.lastvalidation                  session.lastvalidation
+    '';
+  };
 
 in
 
@@ -82,6 +97,40 @@ in
         };
       };
 
+      sso = {
+        enable = mkEnableOption "SSO with Atlassian Crowd";
+
+        crowd = mkOption {
+          type = types.str;
+          example = "http://localhost:8095/crowd";
+          description = "Crowd Base URL without trailing slash";
+        };
+
+        applicationName = mkOption {
+          type = types.str;
+          example = "jira";
+          description = "Exact name of this JIRA instance in Crowd";
+        };
+
+        applicationPassword = mkOption {
+          type = types.str;
+          description = "Application password of this JIRA instance in Crowd";
+        };
+
+        validationInterval = mkOption {
+          type = types.int;
+          default = 2;
+          example = 0;
+          description = ''
+            Set to 0, if you want authentication checks to occur on each
+            request. Otherwise set to the number of minutes between request
+            to validate if the user is logged in or out of the Crowd SSO
+            server. Setting this value to 1 or higher will increase the
+            performance of Crowd's integration.
+          '';
+        };
+      };
+
       jrePackage = let
         jreSwitch = unfree: free: if config.nixpkgs.config.allowUnfree or false then unfree else free;
       in mkOption {

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-08-06 16:08:41 +0000